RHSA-2019:0139

Vulnerability from csaf_redhat - Published: 2019-01-22 16:30 - Updated: 2026-03-18 01:45
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.0 security update
Severity
Moderate
Notes
Topic: Red Hat JBoss Enterprise Application Platform 7.2.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.

This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.0 Release Notes for information on the most significant bug fixes and enhancements included in this release.

Security Fix(es):

* picketlink: SAML request parser replaces special strings with system properties (CVE-2017-2582)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

The CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat).
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

It was found that, while parsing SAML messages, the StaxParserUtil class of Picketlink replaces special strings used for obtaining attribute values with the value of a system property. This could allow an attacker to determine the values of system properties on the attacked system by formatting the SAML request ID field as the chosen system property; the expanded value could then be obtained from the "InResponseTo" field in the response.

CWE-201 - Insertion of Sensitive Information Into Sent Data
Vendor Fix: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.

The References section of this erratum contains a download link (you must log in to download the update).

The JBoss server process must be restarted for the update to take effect.

https://access.redhat.com/errata/RHSA-2019:0139
References
https://access.redhat.com/errata/RHSA-2019:0139 self
https://access.redhat.com/security/updates/classi… external
https://access.redhat.com/jbossnetwork/restricted… external
https://access.redhat.com/documentation/en-us/red… external
https://access.redhat.com/documentation/en-us/red… external
https://bugzilla.redhat.com/show_bug.cgi?id=1410481 external
https://issues.redhat.com/browse/JBEAP-12932 external
https://issues.redhat.com/browse/JBEAP-13189 external
https://issues.redhat.com/browse/JBEAP-13658 external
https://issues.redhat.com/browse/JBEAP-13867 external
https://issues.redhat.com/browse/JBEAP-13895 external
https://issues.redhat.com/browse/JBEAP-14222 external
https://issues.redhat.com/browse/JBEAP-14239 external
https://issues.redhat.com/browse/JBEAP-14386 external
https://issues.redhat.com/browse/JBEAP-14415 external
https://issues.redhat.com/browse/JBEAP-14421 external
https://issues.redhat.com/browse/JBEAP-14422 external
https://issues.redhat.com/browse/JBEAP-14427 external
https://issues.redhat.com/browse/JBEAP-14504 external
https://issues.redhat.com/browse/JBEAP-14811 external
https://issues.redhat.com/browse/JBEAP-14852 external
https://issues.redhat.com/browse/JBEAP-14853 external
https://issues.redhat.com/browse/JBEAP-14854 external
https://issues.redhat.com/browse/JBEAP-14881 external
https://issues.redhat.com/browse/JBEAP-15030 external
https://issues.redhat.com/browse/JBEAP-15044 external
https://issues.redhat.com/browse/JBEAP-15046 external
https://issues.redhat.com/browse/JBEAP-15069 external
https://issues.redhat.com/browse/JBEAP-15123 external
https://issues.redhat.com/browse/JBEAP-15334 external
https://issues.redhat.com/browse/JBEAP-15347 external
https://issues.redhat.com/browse/JBEAP-15351 external
https://issues.redhat.com/browse/JBEAP-15352 external
https://issues.redhat.com/browse/JBEAP-15353 external
https://issues.redhat.com/browse/JBEAP-15421 external
https://issues.redhat.com/browse/JBEAP-15431 external
https://issues.redhat.com/browse/JBEAP-15446 external
https://issues.redhat.com/browse/JBEAP-15453 external
https://issues.redhat.com/browse/JBEAP-15494 external
https://issues.redhat.com/browse/JBEAP-15499 external
https://issues.redhat.com/browse/JBEAP-15507 external
https://issues.redhat.com/browse/JBEAP-15542 external
https://issues.redhat.com/browse/JBEAP-15600 external
https://issues.redhat.com/browse/JBEAP-15612 external
https://issues.redhat.com/browse/JBEAP-15614 external
https://issues.redhat.com/browse/JBEAP-15625 external
https://issues.redhat.com/browse/JBEAP-15628 external
https://issues.redhat.com/browse/JBEAP-15656 external
https://issues.redhat.com/browse/JBEAP-15657 external
https://issues.redhat.com/browse/JBEAP-15661 external
https://issues.redhat.com/browse/JBEAP-15666 external
https://issues.redhat.com/browse/JBEAP-15720 external
https://issues.redhat.com/browse/JBEAP-15731 external
https://issues.redhat.com/browse/JBEAP-15740 external
https://issues.redhat.com/browse/JBEAP-15756 external
https://issues.redhat.com/browse/JBEAP-16031 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2017-2582 self
https://bugzilla.redhat.com/show_bug.cgi?id=1410481 external
https://www.cve.org/CVERecord?id=CVE-2017-2582 external
https://nvd.nist.gov/vuln/detail/CVE-2017-2582 external
Acknowledgments
Hynek Mlnarik (Red Hat)

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat JBoss Enterprise Application Platform 7.2.0 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.0 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* picketlink: SAML request parser replaces special strings with system properties (CVE-2017-2582)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nThe CVE-2017-2582 issue was discovered by Hynek Mlnarik (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2019:0139",
        "url": "https://access.redhat.com/errata/RHSA-2019:0139"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=distributions\u0026version=7.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=distributions\u0026version=7.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=7.2",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=7.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
      },
      {
        "category": "external",
        "summary": "1410481",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
      },
      {
        "category": "external",
        "summary": "JBEAP-12932",
        "url": "https://issues.redhat.com/browse/JBEAP-12932"
      },
      {
        "category": "external",
        "summary": "JBEAP-13189",
        "url": "https://issues.redhat.com/browse/JBEAP-13189"
      },
      {
        "category": "external",
        "summary": "JBEAP-13658",
        "url": "https://issues.redhat.com/browse/JBEAP-13658"
      },
      {
        "category": "external",
        "summary": "JBEAP-13867",
        "url": "https://issues.redhat.com/browse/JBEAP-13867"
      },
      {
        "category": "external",
        "summary": "JBEAP-13895",
        "url": "https://issues.redhat.com/browse/JBEAP-13895"
      },
      {
        "category": "external",
        "summary": "JBEAP-14222",
        "url": "https://issues.redhat.com/browse/JBEAP-14222"
      },
      {
        "category": "external",
        "summary": "JBEAP-14239",
        "url": "https://issues.redhat.com/browse/JBEAP-14239"
      },
      {
        "category": "external",
        "summary": "JBEAP-14386",
        "url": "https://issues.redhat.com/browse/JBEAP-14386"
      },
      {
        "category": "external",
        "summary": "JBEAP-14415",
        "url": "https://issues.redhat.com/browse/JBEAP-14415"
      },
      {
        "category": "external",
        "summary": "JBEAP-14421",
        "url": "https://issues.redhat.com/browse/JBEAP-14421"
      },
      {
        "category": "external",
        "summary": "JBEAP-14422",
        "url": "https://issues.redhat.com/browse/JBEAP-14422"
      },
      {
        "category": "external",
        "summary": "JBEAP-14427",
        "url": "https://issues.redhat.com/browse/JBEAP-14427"
      },
      {
        "category": "external",
        "summary": "JBEAP-14504",
        "url": "https://issues.redhat.com/browse/JBEAP-14504"
      },
      {
        "category": "external",
        "summary": "JBEAP-14811",
        "url": "https://issues.redhat.com/browse/JBEAP-14811"
      },
      {
        "category": "external",
        "summary": "JBEAP-14852",
        "url": "https://issues.redhat.com/browse/JBEAP-14852"
      },
      {
        "category": "external",
        "summary": "JBEAP-14853",
        "url": "https://issues.redhat.com/browse/JBEAP-14853"
      },
      {
        "category": "external",
        "summary": "JBEAP-14854",
        "url": "https://issues.redhat.com/browse/JBEAP-14854"
      },
      {
        "category": "external",
        "summary": "JBEAP-14881",
        "url": "https://issues.redhat.com/browse/JBEAP-14881"
      },
      {
        "category": "external",
        "summary": "JBEAP-15030",
        "url": "https://issues.redhat.com/browse/JBEAP-15030"
      },
      {
        "category": "external",
        "summary": "JBEAP-15044",
        "url": "https://issues.redhat.com/browse/JBEAP-15044"
      },
      {
        "category": "external",
        "summary": "JBEAP-15046",
        "url": "https://issues.redhat.com/browse/JBEAP-15046"
      },
      {
        "category": "external",
        "summary": "JBEAP-15069",
        "url": "https://issues.redhat.com/browse/JBEAP-15069"
      },
      {
        "category": "external",
        "summary": "JBEAP-15123",
        "url": "https://issues.redhat.com/browse/JBEAP-15123"
      },
      {
        "category": "external",
        "summary": "JBEAP-15334",
        "url": "https://issues.redhat.com/browse/JBEAP-15334"
      },
      {
        "category": "external",
        "summary": "JBEAP-15347",
        "url": "https://issues.redhat.com/browse/JBEAP-15347"
      },
      {
        "category": "external",
        "summary": "JBEAP-15351",
        "url": "https://issues.redhat.com/browse/JBEAP-15351"
      },
      {
        "category": "external",
        "summary": "JBEAP-15352",
        "url": "https://issues.redhat.com/browse/JBEAP-15352"
      },
      {
        "category": "external",
        "summary": "JBEAP-15353",
        "url": "https://issues.redhat.com/browse/JBEAP-15353"
      },
      {
        "category": "external",
        "summary": "JBEAP-15421",
        "url": "https://issues.redhat.com/browse/JBEAP-15421"
      },
      {
        "category": "external",
        "summary": "JBEAP-15431",
        "url": "https://issues.redhat.com/browse/JBEAP-15431"
      },
      {
        "category": "external",
        "summary": "JBEAP-15446",
        "url": "https://issues.redhat.com/browse/JBEAP-15446"
      },
      {
        "category": "external",
        "summary": "JBEAP-15453",
        "url": "https://issues.redhat.com/browse/JBEAP-15453"
      },
      {
        "category": "external",
        "summary": "JBEAP-15494",
        "url": "https://issues.redhat.com/browse/JBEAP-15494"
      },
      {
        "category": "external",
        "summary": "JBEAP-15499",
        "url": "https://issues.redhat.com/browse/JBEAP-15499"
      },
      {
        "category": "external",
        "summary": "JBEAP-15507",
        "url": "https://issues.redhat.com/browse/JBEAP-15507"
      },
      {
        "category": "external",
        "summary": "JBEAP-15542",
        "url": "https://issues.redhat.com/browse/JBEAP-15542"
      },
      {
        "category": "external",
        "summary": "JBEAP-15600",
        "url": "https://issues.redhat.com/browse/JBEAP-15600"
      },
      {
        "category": "external",
        "summary": "JBEAP-15612",
        "url": "https://issues.redhat.com/browse/JBEAP-15612"
      },
      {
        "category": "external",
        "summary": "JBEAP-15614",
        "url": "https://issues.redhat.com/browse/JBEAP-15614"
      },
      {
        "category": "external",
        "summary": "JBEAP-15625",
        "url": "https://issues.redhat.com/browse/JBEAP-15625"
      },
      {
        "category": "external",
        "summary": "JBEAP-15628",
        "url": "https://issues.redhat.com/browse/JBEAP-15628"
      },
      {
        "category": "external",
        "summary": "JBEAP-15656",
        "url": "https://issues.redhat.com/browse/JBEAP-15656"
      },
      {
        "category": "external",
        "summary": "JBEAP-15657",
        "url": "https://issues.redhat.com/browse/JBEAP-15657"
      },
      {
        "category": "external",
        "summary": "JBEAP-15661",
        "url": "https://issues.redhat.com/browse/JBEAP-15661"
      },
      {
        "category": "external",
        "summary": "JBEAP-15666",
        "url": "https://issues.redhat.com/browse/JBEAP-15666"
      },
      {
        "category": "external",
        "summary": "JBEAP-15720",
        "url": "https://issues.redhat.com/browse/JBEAP-15720"
      },
      {
        "category": "external",
        "summary": "JBEAP-15731",
        "url": "https://issues.redhat.com/browse/JBEAP-15731"
      },
      {
        "category": "external",
        "summary": "JBEAP-15740",
        "url": "https://issues.redhat.com/browse/JBEAP-15740"
      },
      {
        "category": "external",
        "summary": "JBEAP-15756",
        "url": "https://issues.redhat.com/browse/JBEAP-15756"
      },
      {
        "category": "external",
        "summary": "JBEAP-16031",
        "url": "https://issues.redhat.com/browse/JBEAP-16031"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0139.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.0 security update",
    "tracking": {
      "current_release_date": "2026-03-18T01:45:48+00:00",
      "generator": {
        "date": "2026-03-18T01:45:48+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2019:0139",
      "initial_release_date": "2019-01-22T16:30:34+00:00",
      "revision_history": [
        {
          "date": "2019-01-22T16:30:34+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-01-22T16:30:34+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T01:45:48+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss EAP 7.2",
                "product": {
                  "name": "Red Hat JBoss EAP 7.2",
                  "product_id": "Red Hat JBoss EAP 7.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Hynek Mlnarik"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2582",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "discovery_date": "2017-01-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1410481"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "keycloak: SAML request parser replaces special strings with system properties",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss EAP 7.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2582"
        },
        {
          "category": "external",
          "summary": "RHBZ#1410481",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410481"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2582",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2582"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2582"
        }
      ],
      "release_date": "2017-09-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2019-01-22T16:30:34+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
          "product_ids": [
            "Red Hat JBoss EAP 7.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2019:0139"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss EAP 7.2"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "keycloak: SAML request parser replaces special strings with system properties"
    }
  ]
}

